2 matches found
CVE-2005-1915
The vulnerability CVE-2005-1915 affects log4sh up to version 1.2.5, where the log4sh_readProperties function is exploitable. The root cause is a symlink attack on predictable log4sh.$$ filenames, enabling local attackers to overwrite arbitrary files. The CVSS-derived impact is low base score with...
CVE-2005-2133
CVE-2005-2133 is a duplicate of CVE-2005-1915. The connected CVE-2005-1915 describes a vulnerability in log4sh_readProperties for log4sh versions up to 1.2.5, where local users can overwrite arbitrary files via a symlink attack on predictable log4sh.$$ filenames. Affected product: log4sh (